package com.bright.hxj.qchz.util;

import org.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang3.StringEscapeUtils;

import java.text.Normalizer;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class ReplaceStringUtils {
	
//	public static final String getReplaceString(String str, String distNo, String distName, String keyword, String writer,
//			String writeDate) {
//		String ztsql = null, footerSqlSub = null;
//
//
//		String rvalue = str;
//		String user_phone = null;
//
//		User user = null;
//		if(UserThreadLocal.get() != null && UserThreadLocal.get().getUser() != null) {
//			UserConstants userConstants = UserThreadLocal.get();
//			user = userConstants.getUser();
//
//			if(StringUtils.indexOf(rvalue, "${ztSql}") != -1 || StringUtils.indexOf(rvalue, "${ztsql}") != -1 ||
//					StringUtils.indexOf(rvalue, "${ztfields}") != -1 || StringUtils.indexOf(rvalue, "${ztfields}") != -1 ) {
//				ztsql = user.getZtSql("");
//			}
//
//
//
//
//			if(StringUtils.isEmpty(writer)) writer = user.getUserName();
//			if(StringUtils.isEmpty(writeDate)) writeDate = DateUtil.getAllDate(DateUtil.getCurrDate());
//
//			user_phone = user.getPhone();
//		}
//
//		rvalue = StringUtils.replace(rvalue, "${distNo}", StringUtils.trimToEmpty(distNo));
//		rvalue = StringUtils.replace(rvalue, "${distno}", StringUtils.trimToEmpty(distNo));
//		rvalue = StringUtils.replace(rvalue, "${distName}", StringUtils.trimToEmpty(distName));
//		rvalue = StringUtils.replace(rvalue, "${keyword}", StringUtils.trimToEmpty(keyword));
//		rvalue = StringUtils.replace(rvalue, "${writer}", StringUtils.trimToEmpty(writer));
//		rvalue = StringUtils.replace(rvalue, "${writeDate}", StringUtils.trimToEmpty(writeDate));
//		rvalue = StringUtils.replace(rvalue, "${user.phone}", StringUtils.trimToEmpty(user_phone)); //20210408 用户手机号
//		rvalue = StringUtils.replace(rvalue, "${sysYear}", DateUtil.getDate(DateUtil.getCurrDate(), 1));
//		rvalue = StringUtils.replace(rvalue, "${years}", DateUtil.getDate(DateUtil.getCurrDate(), 1));
//		rvalue = StringUtils.replace(rvalue, "${months}", Integer.valueOf(DateUtil.getDate(DateUtil.getCurrDate(), 2)) + "");
//		rvalue = StringUtils.replace(rvalue, "${landNoHead}", StringUtils.trimToEmpty(DataConstants.landNoHead));
//		rvalue = StringUtils.replace(rvalue, "${landNoWidth}", StringUtils.trimToEmpty(String.valueOf(DataConstants.landNoWidth)));
//		rvalue = StringUtils.replace(rvalue, "${contractNoHead}", StringUtils.trimToEmpty(DataConstants.contractNoHead));
//		rvalue = StringUtils.replace(rvalue, "${contractNoWidth}", StringUtils.trimToEmpty(String.valueOf(DataConstants.contractNoWidth)));
//		rvalue = StringUtils.replace(rvalue, "${ztSql}", StringUtils.trimToEmpty(ztsql));
//		rvalue = StringUtils.replace(rvalue, "${ztsql}", StringUtils.trimToEmpty(ztsql));
//		rvalue = StringUtils.replace(rvalue, "${ztfields}", StringUtils.trimToEmpty(ztsql));
//		rvalue = StringUtils.replace(rvalue, "${ztfields}", StringUtils.trimToEmpty(ztsql));
//		//rvalue = StringUtils.replace(rvalue, "${footerSqlSub}", StringUtils.trimToEmpty(footerSqlSub));
//		rvalue = StringUtils.replace(rvalue, "${userId}", user == null ? "" : String.valueOf(user.getUserId()));
//		rvalue = StringUtils.replace(rvalue, "${loaduser.name}", user == null ? "" : String.valueOf(user.getUserName())); //20190604 加入username
//		rvalue = StringUtils.replace(rvalue, "${loaduser.id}", user == null ? "" : String.valueOf(user.getUserId())); //20190604 加
//		rvalue = StringUtils.replace(rvalue, "${fromId}", UserThreadLocal.get() != null ? String.valueOf(UserThreadLocal.get().get__fromId()) : "");
//		rvalue = StringUtils.replace(rvalue, "${fromSubId}", UserThreadLocal.get() != null ? String.valueOf(UserThreadLocal.get().get__fromSubId()) : "");
//
//
//		//使用beijia库参数表
//		if(DataConstants.Beijia_Enabled) {
//			for(BJPZCanShu canShu: DataConstants.Beijia_CanShus) {
//				String bs = canShu.getBs().getValue();
//				String z = canShu.getZ().getValue();
//
//				bs = "${CanShu_" + bs + "}";
//
//				rvalue = StringUtils.replace(rvalue, bs, z);
//			}
//		}
//		rvalue = StringUtils.replace(rvalue, "${CanShu_BJDB}", DataConstants.Beijia_Database); //beijia database
//		rvalue = StringUtils.replace(rvalue, "${CanShu_PZDB}", DataConstants.getPZDB());
//
////		if (StringUtils.contains(str, "select")) {
////			List<List<Object>> data = PageUtil.getList(DataConstants.database, rvalue);
////			if(data.size()>0) {
////				rvalue = String.valueOf(data.get(0));
////			} else {
////				rvalue = "";
////			}
////		}
//
//
//		return rvalue;
//	}


	/**
	 * 20210804
	 * Log Forging漏洞校验
	 * @param logs
	 * @return
	 */
	public static String vaildLog(String logs) {
		if(logs == null) return null;

		List<String> list = new ArrayList<String>();
		list.add("%0d");
		list.add("%0a");
		list.add("%0A");
		list.add("%0D");
		list.add("\r");
		list.add("\n");
		String normalize = Normalizer.normalize(logs, Normalizer.Form.NFKC);
		for (String str : list) {
			normalize = normalize.replace(str, "");
		}
		return normalize;
	}

	public static String getVaildPrintJson(JSONObject jsonObject) {
		if(jsonObject == null) return null;

		String s = StringEscapeUtils.escapeJson(jsonObject.toString());

		return StringEscapeUtils.unescapeJson(s);
	}

	public static String getVaildPrintJson_byString(String jsonObject) {
		if(jsonObject == null) return null;

		String s = StringEscapeUtils.escapeJson(jsonObject.toString());

		return StringEscapeUtils.unescapeJson(s);
	}

	/**
	 * @param fetchStr 被抓取字符串内容
	 * @param regex    正则表达式 (\{\{)(\w+)(\.DATA}})
	 * @param group    正则表达式 里面的分组即括号分组 1：{{; 2:content; 3:.DATA}}
	 * @comment: 从内容中 抓取参数名
	 * @return: java.util.List<java.lang.String>
	 * @author: KangLong Qiu
	 * @date: 2020-08-28 10:16
	 */
	public static List<String> fetchParameterName(String fetchStr, String regex, Integer group) {
		List<String> strings = new ArrayList<String>();
		if (group == null)
			group = 0;
		Pattern pattern = Pattern.compile(regex);
		Matcher matcher = pattern.matcher(fetchStr);
		while (matcher.find()) {
			String paramName = matcher.group(group);
			if (!strings.contains(paramName))
				strings.add(paramName);
		}
		return strings;
	}
}
